Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/baD_n9j3vZlBvBREQ8b1rUvih9E.roa
File: baD_n9j3vZlBvBREQ8b1rUvih9E.roa (raw, json)
Hash identifier: u0x49bi+KGqbUheUMPwjOmhVfwX0RI6xXrYHwkkzdnA=
Subject key identifier: 6D:A0:FF:9F:D8:F7:BD:99:41:BC:14:44:43:C6:F5:AD:4B:E2:87:D1
Certificate issuer: /CN=f501b9e20616d686b405da906afa597635063640
Certificate serial: 03D767A5
Authority key identifier: F5:01:B9:E2:06:16:D6:86:B4:05:DA:90:6A:FA:59:76:35:06:36:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QG54gYW1oa0BdqQavpZdjUGNkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/baD_n9j3vZlBvBREQ8b1rUvih9E.roa
Signing time: Sat 01 Jan 2022 16:02:42 +0000
ROA not before: Sat 01 Jan 2022 16:02:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34204
IP address blocks: 195.95.223.0/24 maxlen: 24
195.95.222.0/23 maxlen: 23
195.95.222.0/24 maxlen: 24
195.135.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64448421 (0x3d767a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f501b9e20616d686b405da906afa597635063640
Validity
Not Before: Jan 1 16:02:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6da0ff9fd8f7bd9941bc144443c6f5ad4be287d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1c:c4:14:12:20:d8:b7:a6:04:8c:d6:e2:ef:
e0:f6:0c:b5:60:c2:3a:9e:59:ca:f6:3b:30:45:0d:
19:37:be:6d:34:66:5d:bb:25:0b:f2:05:ea:7e:a1:
52:1e:91:3f:7b:09:35:d0:8e:77:a2:b7:92:92:db:
41:cd:55:b9:8a:72:a9:fb:d1:71:d5:57:16:a0:bc:
5c:df:01:39:e6:47:37:66:fb:de:b3:b7:59:2d:8a:
cc:f5:09:d8:7a:65:ea:87:12:28:da:1f:52:6d:64:
30:78:2a:5f:8c:20:10:4e:bf:e4:55:61:19:2d:7a:
11:40:83:f1:a2:91:86:f2:19:3d:08:0c:3f:b4:9a:
f3:43:de:fa:51:67:b1:b3:83:a4:f3:b3:7b:5a:44:
ed:ba:67:24:72:6b:75:ab:29:ad:c3:2d:ac:6e:2a:
51:1b:26:07:c1:b8:ad:b6:7a:94:c8:35:45:90:90:
9d:7a:ce:dc:7a:db:f4:7c:08:4a:a2:c8:30:fe:4f:
a4:a6:d4:ef:b9:a3:06:67:ff:a4:b2:14:2d:8b:c9:
72:2b:a7:24:dc:d0:1a:e5:a9:8a:85:d7:6d:3c:f5:
93:59:b3:e5:e9:29:41:a7:94:d6:0a:4f:aa:b5:c7:
e9:ca:b7:3f:10:fc:31:3f:02:d4:97:a0:f9:b7:ec:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A0:FF:9F:D8:F7:BD:99:41:BC:14:44:43:C6:F5:AD:4B:E2:87:D1
X509v3 Authority Key Identifier:
keyid:F5:01:B9:E2:06:16:D6:86:B4:05:DA:90:6A:FA:59:76:35:06:36:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QG54gYW1oa0BdqQavpZdjUGNkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/baD_n9j3vZlBvBREQ8b1rUvih9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/9QG54gYW1oa0BdqQavpZdjUGNkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.222.0/23
195.135.244.0/22
Signature Algorithm: sha256WithRSAEncryption
36:aa:d7:c4:b6:a8:9f:79:48:40:04:b5:e1:f2:4b:4b:e1:38:
00:ed:cf:a9:fa:d3:72:a2:37:1e:b7:ac:2e:df:f2:fb:8c:8e:
d9:19:9c:42:8c:d8:fc:3b:5a:dc:fe:05:7a:91:cd:db:60:d8:
17:8e:db:78:86:f3:ff:3e:dd:4c:98:be:39:34:89:9d:fd:32:
58:57:0f:4d:17:bf:ca:d8:da:e5:33:e1:b6:48:f8:f3:1e:19:
21:3b:fd:18:0b:00:1c:0a:53:c9:0b:3a:b8:9a:db:9d:6a:dc:
ad:e6:cb:79:ca:7f:f7:1f:c0:70:f5:da:29:61:e4:eb:07:02:
18:7a:db:86:1d:7f:37:77:18:2f:42:bb:7a:b2:1e:9c:e9:54:
1c:5b:c4:86:70:dc:f9:7f:1f:55:23:2a:5c:a0:5a:a5:61:4d:
28:30:47:6e:f5:ff:67:15:43:bd:94:41:92:89:22:c1:47:3d:
24:6a:59:3c:8d:4e:ce:8a:c8:88:8b:58:41:34:7f:da:94:d0:
8a:9d:80:8c:2f:fd:29:c8:55:17:4e:71:43:cf:16:4b:63:f1:
fb:c6:bd:86:29:f0:e7:e4:ed:98:b3:67:5e:da:2c:f3:4c:30:
92:6b:cf:6b:7d:b0:df:62:55:32:2e:8d:69:55:78:20:1f:92:
83:04:07:77
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA9dnpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTAxYjllMjA2MTZkNjg2YjQwNWRhOTA2YWZhNTk3NjM1MDYzNjQwMB4XDTIyMDEw
MTE2MDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRhMGZmOWZkOGY3
YmQ5OTQxYmMxNDQ0NDNjNmY1YWQ0YmUyODdkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYcxBQSINi3pgSM1uLv4PYMtWDCOp5ZyvY7MEUNGTe+bTRm
XbslC/IF6n6hUh6RP3sJNdCOd6K3kpLbQc1VuYpyqfvRcdVXFqC8XN8BOeZHN2b7
3rO3WS2KzPUJ2Hpl6ocSKNofUm1kMHgqX4wgEE6/5FVhGS16EUCD8aKRhvIZPQgM
P7Sa80Pe+lFnsbODpPOze1pE7bpnJHJrdasprcMtrG4qURsmB8G4rbZ6lMg1RZCQ
nXrO3Hrb9HwISqLIMP5PpKbU77mjBmf/pLIULYvJciunJNzQGuWpioXXbTz1k1mz
5ekpQaeU1gpPqrXH6cq3PxD8MT8C1Jeg+bfsliUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRtoP+f2Pe9mUG8FERDxvWtS+KH0TAfBgNVHSMEGDAWgBT1AbniBhbWhrQF
2pBq+ll2NQY2QDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlRRzU0Z1lXMW9hMEJkcVFhdnBaZGpVR05rQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvN2FmY2U0LTIxOGItNDdlZC05NWFiLTc1ZDU4NDNhYTQ4OS8x
L2JhRF9uOWozdlpsQnZCUkVROGIxclV2aWg5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
N2FmY2U0LTIxOGItNDdlZC05NWFiLTc1ZDU4NDNhYTQ4OS8xLzlRRzU0Z1lXMW9h
MEJkcVFhdnBaZGpVR05rQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcNf3gMEAsOH9DANBgkqhkiG9w0B
AQsFAAOCAQEANqrXxLaon3lIQAS14fJLS+E4AO3PqfrTcqI3HresLt/y+4yO2Rmc
QozY/Dta3P4FepHN22DYF47beIbz/z7dTJi+OTSJnf0yWFcPTRe/ytja5TPhtkj4
8x4ZITv9GAsAHApTyQs6uJrbnWrcrebLecp/9x/AcPXaKWHk6wcCGHrbhh1/N3cY
L0K7erIenOlUHFvEhnDc+X8fVSMqXKBapWFNKDBHbvX/ZxVDvZRBkokiwUc9JGpZ
PI1OzorIiItYQTR/2pTQip2AjC/9KchVF05xQ88WS2Px+8a9hinw5+TtmLNnXtos
80wwkmvPa32w32JVMi6NaVV4IB+SgwQHdw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:57 2023 by rpki-client on console-ams.rpki-client.org